At present, more and more interactions are taking place through the Internet. For most people today it is not a problem to send or receive email, use the services of a web resource (hereinafter, resource), such as accessing one or several files, documents, images, sounds, videos, computers, servers, services, web pages, etc., or make a purchase at an Internet store. Due to the ever increasing amount of confidential user data ending up on the Internet, the problem of its theft is becoming increasingly acute. In most cases, for the theft of user data, the hacker tries to install malicious software on the computer systems of users. However, when this is not possible for whatever reasons, the user may be subjected to an attack in the process of the user's system interacting with a resource. One popular method in this case is a man-in-the-middle attack—a method of compromising a communications channel in which the hacker connects to the channel between contracting parties and interferes in the transmission protocol, reading, removing, or distorting information. Such attacks can be very effective and rather hard to detect. The target of such attacks may be either a specific user system or a group of user systems.
There are several effective means of defense against man-in-the-middle attacks, but nearly all of them are employed either in the router itself, to which the user being attacked is connected, or on servers which the potential victim is visiting. The users does not know whether they are on the genuine server or whether it is a fake substituted by the hacker. One of the ways of defending against such an attack is the use of strong encryption between client and server. In this case, the server can identify itself by presenting a digital certificate, after which an encrypted channel is established between the user and the server for the exchange of confidential data. But in this case there is a dependence on the server itself and its chosen method of encryption. Another type of defending against certain kinds of such attacks might be a total refusal to use open Wi-Fi networks for working with personal data.
Thus, there is a need to create effective technologies for identifying targeted attacks of the man-in-the-middle type which can prevent the stealing of user data without imposing restrictions on the user's working on the Internet.